Defender for endpoint incorrectly onboarding devices.

Benard Mwanza 996 Reputation points
2021-10-14T09:59:49.63+00:00

We are currently rolling out Microsoft defender for endpoint for some selected devices. The method we choose is to use configuration manager.

The first phase was windows 10.
Method of deployment configuration manager current branch.

Windows 10 devices are in device collection based OU.(We created an OU in AD added the devices, then created a device collection based on that OU).

Created Microsoft defender ATP policy from the configuration manager then deployed it to the device collection created above. The policy targeted any supported devices, described in the article below(The procedure we used)

https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/defender-advanced-threat-protection

Waited for onboarding to go through, after few hours. Defender for endpoint portal is showing windows servers devices, the windows 10 devices are missing. What are we doing wrong

This windows servers are not joined to azure AD.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,127 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,754 questions
Microsoft Configuration Manager
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Matthias Vandenberghe 1 Reputation point
    2022-01-24T15:10:16.33+00:00

    Hi,

    Is this Problem still relevant?

    if so,

    • what version of Configuration Manager are you running?
    • do you have other policies in place? (GPO, MDM, ...)
    • are your devices hybrid joined?
    • what licenses do you have in your environment?
    0 comments